Skills
skills/samuraigpt/generative-media-skills/muapi-3d-logo-animation/Gen Agent Trust Hub

muapi-3d-logo-animation

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the interpolation of untrusted user input into model prompts.
  • Ingestion points: The material_style user input is used directly in Phase A and Phase B prompts.
  • Boundary markers: Absent; there are no delimiters or instructions provided to the model to ignore potential commands within the user-provided text.
  • Capability inventory: The skill utilizes the muapi CLI and curl for network and subprocess operations.
  • Sanitization: Absent; no validation or escaping is applied to the input variables before they are processed by the agent.
  • [COMMAND_EXECUTION]: The skill uses the muapi CLI for authentication (muapi auth configure), image editing, and video generation. It also provides a fallback mechanism using curl to execute POST requests against the Muapi API, which involves using shell environment variables for authentication.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to api.muapi.ai to interact with image and video generation models. While this domain is specific to the skill's purpose, it is not on the default whitelist of trusted domains.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:04 PM
Security Audit — agent-trust-hub — muapi-3d-logo-animation